Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Unified Endpoint Management Server Security Requirements Guide
SRG-APP-000479
SRG-APP-000479
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-APP-000479
1 Rule
<GroupDescription></GroupDescription>
The UEM server must be configured to verify software updates to the server using a digital signature mechanism prior to installing those updates.
Medium Severity
<VulnDiscussion>Unauthorized modifications to software or firmware may be indicative of a sophisticated, targeted cyber-attack. Cryptographic authentication includes, for example, verifying that software or firmware components have been digitally signed using certificates recognized and approved by organizations. Code signing is an effective method to protect against malicious code. Satisfies:FPT_TUD_EXT.1.3</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>